echo: aust_avtech
to: David Drummond
from: Bob Lawrence
date: 2004-05-30 13:37:02
subject: Locking Windows

BL> BTW, what's this new Sasser worm that exploits a "flaw" in
BL> WinXP?

DD> An unused port that responds to inbound traffic and actions it.
DD> Not an issue if one has a firewall between one's machine and the
DD> Internet (or runs an OS without such silly shortcomings).
DD> This is not the first worm to exploit unprotected ports in XP -
DD> remember the MSBlaster worm?

 Yair... I'm about to set up a Linux server on the old machine (once I
get all the files transferred).

DD>> _IF_ it can connect Bob. Read your Linux security blurb, it
DD>> says to close all ports you're not using. Windows doesn't read
DD>> that blurb, it has ports open and welcoming all over the
DD>> bloody place. 

 I was asking about Windows, not Linux. I am very suspicious of
Microsoft. It's all very well to accuse them of stupidity, but after
30 years I would expect even an idiot to have sorted out the bugs.
What remains, is *intentional* bugs... back doors! Gates is a control
freak. He wants access to every PC on the planet - and not just for
profit. You only have to run through the long list of "undocumented"
features in DOS, to see how he thinks.

 *Of course* Linux closes the ports. Any sane person writing an O/S
would try to make it invulnerable to all but the user. Unfortunately,
Gates and M$ are not sane.

BL> I *know* how it gets in... how does it get RUN?

DD> It drops executables in the right places and patches the
DD> registry to use them.

 Aha! That's what I assumed.

 I know Win31 pretty well, and when I first looked at Win98, I could
not believe that Gates had used a registry the way he does.

BL> I remember a few years ago, when Keith ran a fancy new firewall
BL> that monitored all his ports. He said he was getting an average
BL> of two or three attacks every day! And some of them were
BL> persistent.

DD> Many are not "attacks" - merely something "feeling" ports.

 Well... how can you tell which? Keith assumed it was an attack, and
so do I.

BL> The Internet connects you to the entire world, and it is the
BL> height of hubris for you to say that you can beat them all. If
BL> Bill Gates can't beat them...

DD> The firewall people can, Linux can.

 Oh, yair?

DD> It's Bill Gates' theory that a computer should be easy to use
DD> (or easy for him to control every PC on Earth - or Splong).
DD> Therein lies Bill's problem.

 I think it goes further with Gates than just wanting to make it
easy. Xwindows (and KDE) makes Linux pretty easy without selling the
farm. I think Gates has *two* philosophies: first that it has to be
easy and reliable if he wants a large market; and next he wants to
*own* that market.

DD>> Do not connect a Windows machine directly to the outside world
DD>> without first installing a firewall package that isn't made by
DD>> Microsoft. 

BL> It's not just Microsoft, David. Any well-known firewall runs
BL> the same sort of risk of penetration - especially if they use
BL> the same Windows O/S. I've seen it happen with Borland and
BL> Norton. They are really just another version of Microsoft.

DD> A firewall is not just a software package running on a WinBox.
DD> I do NOT run any firewall software here on the Windows machines
DD> (nor on the hundreds at work). Do not connect the Windows
DD> machines directly to the outside world.

 I agree. I don't even trust Intel, which is one of the reasons I
use the M$ outsider... AMD.

DD>> Do not run untrusted executables (and trust very few). 

BL> This is the problem - whom do you trust? My answer is no one.

DD> I'm not having any problems here - the Gassons aren't having
DD> problems. Surely we're not the only two households in the world
DD> who've got this sussed? 

 It's a question of odds. Every time you run an EXE, you take a risk.
I bought this computer with half-a-dozen driver CDs, most of them
burned in China... so I take a risk. My approach is that once I've got
it loaded, and it's working... I never update. You update daily. What
the *actual* risk is, I don't know, but your exposure is a thousand
times greater than mine.

DD> If you're serious about the Linux box being a router/firewall
DD> only take a look at one of the single diskette router
DD> distributions of it (LRP or Freesco or such). These boot from a
DD> write-protected floppy, load into a RAM drive and run from
DD> there. If something odd happens, just reboot and it
DD> automatically runs a "clean" copy. 

 I've thought of that, but it's not such a big deal with these fast
CPUs and drives. I can run a backup for the entire drive in 3 minutes.

Regards,
Bob



--- BQWK Alpha 0.5
* Origin: Precision Nonsense, Sydney (3:712/610.12)
SEEN-BY: 633/104 260 262 267 270 285 640/296 305 384 531 954 1042 690/734
SEEN-BY: 712/610 848 774/605 800/221 445
@PATH: 712/610 640/531 954 633/260 267

SOURCE: echomail via fidonet.ozzmosis.com
